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Art Unit: 3621 ' 
AMENDMENTS TO THE CLAIMS: 

This listing of the claims will replace all prior versions, and listings, of the claims in this 
application. 

Listing of Claims: 

1 . (Currently Amended) A method, comprising: 

generating with a computer a set of subscriber-specific authentication data blocks into [[the]] a 
network, each data block containing a challenge, a response and a key, wh e reby where the 
generation is performed in the same manner as in a known mobile communications system; 
transmitting with a transmitter at least some of the challenges contained in the authentication data 
blocks to [[the]] a terminal; 

choosing one of the challenges for use in the terminal, and based on the challenge, determining 
a response and a key to be used with an aid of an identification unit of the terminal essentially 
in the same way as in a subscriber identification module of the mobile communication system; 
determining an authenticator with an aid of the chosen key in the terminal; 
transmitting, from the terminal to the network, the authenticator and a data unit, the data unit 
containing information relating to the manner in which the authentication is formed and notifying 
the network with the aid of the data unit of which key corresponding to which challenge was 
chosen, and a check value with the aid of the chosen key in the network; and 
comparing the check value with the authenticator. 

2. (Currently Amended) The method as defined in claim 1, whe r ein where the data unit is a 
security parameter index in the registration message of [[the]] a mobile internet protocol. 

3. (Currently Amended) The method as defined in claim 1, wherein where the value of the 
response determined at the terminal is inserted into the data unit. 

4. (Currently Amended) The method as defined in claim 1, wher e in where the challenges are 
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sorted in an order at the terminal with the aid of predetermined sorting criteria and a consecutive 
number corresponding to the chosen challenge is inserted into the data unit. 

5. (Currently Amended) The method as defined in claim 1 , wherein where the identification unit 
used in the terminal is [[the]] a subscriber identity module used by t he known a global system 
for mobile communication system and the authentication data blocks are authentication triplets 
used by the global system for mobile communication system. 

6. (Currently Amended) The method as defined in claim 5, wh e rein where the authentication 
triplets are fetched from [[the]] an authentication center of the global system for mobile 
communication system. 

7. (Currently Amended) The method as defined in claim 6, whe r ein where the challenges to be 
transmitted to theterminal are transmitted by using a [[known]] shortmessage switching service. 

8. (Currently Amended) The method as defined in claim 1, wh e r e in where the challenges to be 
transmitted to the terminal are transmitted in an internet protocol datagram to be sent through an 
internet protocol network. 

9. (Currently Amended) The method as defined in claim 1 for an internet protocol network, 
wher e in where the authentication data blocks are transmitted to [[the]] a home agent of the 
terminal and with the aid of [[the]] a data unit message is given t o the home agent is informed 
about which key corresponding to which challenge was chosen, whereby where the check value 
is determined in the home agent. 

10. (Currently Amended) A system, comprising: 

in a terminal of [[the]] a network, a first message transmission unit that is configured to transmit 
an authenticator and a data unit to the network, the data unit including information relating to the 
manner in which the authenticator is formed; and 

a checking unit that is configured to determine a check value with aid of the data unit, 
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wherein where 

the terminal of the network includes such comprises an identification unit, which receives as 
input a challenge from which a response and a key are defined ess e n t ially substantially in a same 
manner as in a subscriber identity module of a known mobile communications system, 
the system includes a generating unit that is configured to generate authentication data blocks in 
the same manner as in the mobile communications system, the authentication data blocks include 
a challenge, a response and a key, 

the system includes a transmission unit that is configured to transmit challenges contained by the 
authentication data blocks to the terminal, 

the terminal includes a selection unit that is configured to select one challenge for use, 

the first message transmission unit inserts such a value into the data unit which indicates which 

key corresponding to which challenge was selected for use in the terminal, and 

the first message transmission unit determines the authenticator and the checking unit det e rmine 

determines the check value based on the selected key. 

1 1 . (Currently Amended) The system as defined in claim 1 0, whe r ein where the identification 
unit located in connection with the terminal is a subscriber identity module used in the mobile 
communications system. 

12. (Currently Amended) The system as defined in claim 10, whe r ein where the [[said]] 
generating unit includes an authentication center of the mobile communications system. 

13. (Currently Amended) The system as defined in claim 10, whe r ein where the [[said]] 
transmission unit include comprises a unit for carrying out a [[known]] short message switching 
service. 

14. (Currently Amended) A method, comprising: 

generating with a computer a set of subscriber-specific authentication data blocks, each 
authentication data block containing a challenge, a response and a key; 

transmitting with a transmitter at least some of the challenges contained in the authentication data 
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blocks to a terminal; 

choosing one of the challenges for use in the terminal, and based on the challenge, determining 
a response and a key to be used with an aid of an identification unit of the terminal; 
receiving an authenticator and a data unit containing information relating to a manner in which 
the authenticator is formed from the terminal; 

determining based on said data unit which challenge was chosen by the terminal; 
and 

determining a check value with the key corresponding to the chosen challenge, said check value 
to be compared with the authenticator. 

15. (Currently Amended) The method as defined in claim 14, wh ere in where said data unit is a 
security parameter index in [[the]] a registration message of a mobile internet protocol. 

16. (Currently Amended) The method as defined in claim 14, wh ere in where said data unit 
comprises the response corresponding to the chosen challenge. 

1 7. (Currently Amended) A method, comprising: 

receiving with a receiver a set of challenges from a telecommunications network, wherein where 
each 

one of the challenges is contained in an authentication data block comprising said one of said 

challenges, a response and a key; 

choosing one challenge from the set of challenges; 

determining a response and a key based on the chosen challenge; 

determining an authenticator based on the key corresponding to the chosen challenge; 

transmitting with a transmitter said authenticator and a data unit to the telecommunications 

network, said data unit relating to the manner in which the authenticator is formed; and 

notifying the telecommunications network of the chosen challenge, wh ere in where a check value 

is determined with the key corresponding to the chosen challenge and said check value is 

compared with the authenticator. 
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18. (Currently Amended) The method as defined in claim 17, wh e rein where said data unit is a 
security parameter index in [[the]] a registration message of a mobile internet protocol. 

19. (Currently Amended) The method as defined in claim 17, wherein where said data unit 
comprises the response corresponding to the chosen challenge. 

20. (Currently Amended) An apparatus comprising: 

a generator that is configured to generate a set of subscriber-specific authentication data blocks, 
each authentication data block containing a challenge, a response and a key; 
a transmitter that is configured to transmit at least some of the challenges contained in the 
authentication data blocks to a terminal; 

a processor that is configured to choose one of the challenges for use in the terminal, and based 
on the challenge, to determine a response and a key to be used with an aid of an identification 
unit of the terminal; 

a receiver that is configured to receive an authenticator and a data unit containing information 
relating to a manner in which the authenticator is formed; 

a first determiner that is configured to determine based on said data unit which challenge was 
chosen by the terminal; and 

a second determiner that is configured to determine a check value with the key corresponding to 
the chosen challenge, said check value to be compared with the authenticator. 

2 1 . (Currently Amended) An apparatus, comprising: 

a receiver thatjs. configured to receive a set of challenges from a telecommunications network, 
wherein where each one of the challenges is contained in an authentication data block comprising 
said one of said challenges, a response and key; 

a selector that is configured to choose one challenge from the set of challenges; 

a first determiner that is configured to determine a response and a key based on the chosen 

challenge; 

a second determiner that is configured to determine an authenticator based on the key 
corresponding to the chosen challenge; and 
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a transmitter that is configured to transmit said authenticator and a data unit to the 
telecommunications network, said data unit relating to the manner in which the authenticator is 
formed and to notify the telecommunications network of the chosen challenge, wh er ein where 
a check value is determined with the key corresponding to the chosen challenge and said check 
value is compared with the authenticator. 

22. (Currently Amended) An apparatus, comprising: 

generating means for generating a set of subscriber-specific authentication data blocks into the 
network, each data block containing a challenge, a response and a key, 

wh ere by where the generation is performed in the same manner as in a known mobile 
communications system; 

transmitting means for transmitting at least some of the challenges contained in the authentication 
data blocks to the terminal; 

choosing means for choosing one of the challenges for use in the terminal, and 
based on the challenge, determining a response and a key to be used with an aid of an 
identification unit of the terminal essentially in the same way as in a subscriber identification 
module of the mobile communication system; 

determining means for determining an authenticator with an aid of the chosen key in the terminal; 
transmitting means for transmitting from the terminal to the network authenticator and a data 
unit, the data unit containing information relating to the manner in which the authentication is 
formed and notifying the network with the aid of the data unit of which key corresponding to 
which challenge was chosen, and a check value with the aid of the chosen key in the network; 
and 

comparing means for comparing the check value with the authenticator. 

23. (Currently Amended) An apparatus, comprising: 

receiving means for receiving a set of challenges from a telecommunications network, whe r ein 
where each one of the challenges is contained in an authentication data block comprising said one 
of said challenges, a response and a key; 

choosing means for choosing one challenge from the set of challenges; 
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determining means for determining a response and a key based on the chosen challenge; 
determining means for determining an authenticator based on the key corresponding to the 
chosen challenge; 

transmitting means for transmitting said authenticator and a data unit to the telecommunications 
network, said data unit relating to the manner in which the authenticator is formed; and 
notifying means for notifying the telecommunications network of the chosen challenge, whe r ein 
where a check value is determined with the key corresponding to the chosen challenge and said 
check value is compared with the authenticator. 

24. (Currently Amended) A computer program embodied on a computer-readable medium , where 
execution of the computer program controls at least one configu r ed to cont r ol a processor to 
perform: 

generating with said at least one processor a set of subscriber-specific authentication data blocks 
into [[the]] a network, each data block containing a challenge, a response and a key, whe re by 
where the generation is performed in the same manner as in a known mobile communications 
system; 

transmitting with a transmitter at least some of the challenges contained in the authentication data 
blocks to [[the]] a terminal; 

choosing one of the challenges for use in the terminal, and based on the challenge, determining 
a response and a key to be used with an aid of an identification unit of the terminal essen t ially 
substantially in the same way as in a subscriber identification module of the mobile 
communication system; 

determining an authenticator with an aid of the chosen key in the terminal; 

transmitting with a terminal transmitter , from the terminal to the network, the authenticator and 

a data unit, 

the data unit containing information relating to the manner in which the authentication is formed 
and notifying the network with the aid of the data unit of which key corresponding to which 
challenge was chosen, and a check value with the aid of the chosen key in the network; and 
comparing the check value with the authenticator. 
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25. (Currently Amended) A computer program embodied on a computer-readable medium , where 
execution of the computer program controls at least one configu re d to con tr ol processor to 
perform: 

generating with said at least one processor a set of subscriber-specific authentication data blocks, 
each authentication data block containing a challenge, a response and a key; 
transmitting with a transmitter at least some of the challenges contained in the authentication data 
blocks to a terminal; 

choosing one of the challenges for use in the terminal and based on the challenge, determining 
a response and a key to be used with an aid of an identification unit of the terminal; 
receiving with a receiver an authenticator and a data unit containing information relating to a 
manner in which the authenticator is formed from the terminal; 

determining based on said data unit which challenge was chosen by the terminal; and 
determining a check value with the key corresponding to the chosen challenge, said check value 
to be compared with the authenticator. 

26. (Currently Amended) A computer program embodied on a computer-readable medium , where 
execution of the computer program controls at least one configur e d to cont r ol a processor to 
perform: 

receiving with a receiver a set of challenges from a telecommunications network, wherein where 
each one of the challenges is contained in an authentication data block comprising said one of 
said challenges, a response and key; 

choosing with said at least one processor one challenge from the set of challenges; 
determining a response and a key based on the chosen challenge; 
determining an authenticator based on the key corresponding to the chosen challenge; 
transmitting with a transmitter said authenticator and a data unit to the telecommunications 
network, said data unit relating to the manner in which the authenticator is formed; and 
notifying the telecommunications network of the chosen challenge, whe r ein where a check value 
is determined with the key corresponding to the chosen challenge and said check value is 
compared with the authenticator. 
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27. (Currently Amended) The apparatus as defined in claim 20, wherein where the data unit is 
a security parameter index in [[the]] a registration message of [[the]] a mobile internet protocol. 

28. (Currently Amended) The apparatus as defined in claim 20, wherein where the value of the 
response determined at the terminal is inserted into the data unit. 

29. (Currently Amended) The apparatus as defined in claim 20, wh e r e in where the challenges are 
sorted in an order at the terminal with the aid of predetermined sorting criteria, and a consecutive 
number corresponding to the chosen challenge is inserted into the data unit. 

30. (Currently Amended) The apparatus as defined in claim 20, wherein where the challenges to 
be transmitted to the terminal are transmitted in an internet protocol datagram to be sent through 
an internet protocol network. 

31 . (Currently Amended) The apparatus as defined in claim 21, wherein where the data unit is 
a security parameter index in [[the]] a registration message of [[the]] a mobile internet protocol. 

32. (Currently Amended) The apparatus as defined in claim 21 , wherein where the value of the 
response determined at the terminal is inserted into the data unit. 

3 3 . (Currently Amended) The apparatus as defined in claim 2 1 , whe re in where the challenges are 
sorted in an order at the terminal with the aid of predetermined sorting criteria, and a consecutive 
number corresponding to the chosen challenge is inserted into the data unit. 

34. (Currently Amended) The apparatus as defined in claim 2 1 , wh e r e in where the challenges [[to 
be]] transmitted to the terminal are transmitted by using a [[known]] short message switching 
service. 

3 5 . (Currently Amended) The apparatus as defined in claim 2 1 , wherein where the challenges [[to 
be]] transmitted to the terminal are transmitted in an internet protocol datagram t o b e sen t 
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through an internet protocol network. 
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